Last Call Review of draft-ietf-mmusic-dtls-sdp-22
review-ietf-mmusic-dtls-sdp-22-secdir-lc-salz-2017-04-06-00
| Request | Review of | draft-ietf-mmusic-dtls-sdp |
|---|---|---|
| Requested revision | No specific revision (document currently at 32) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2017-04-06 | |
| Requested | 2017-03-17 | |
| Authors | Christer Holmberg , Roman Shpount | |
| I-D last updated | 2017-04-06 | |
| Completed reviews |
Genart Last Call review of -22
by Paul Kyzivat
(diff)
Secdir Last Call review of -22 by Rich Salz (diff) Opsdir Last Call review of -22 by Carlos Pignataro (diff) Genart Last Call review of -26 by Paul Kyzivat (diff) Genart Telechat review of -27 by Paul Kyzivat (diff) Secdir Telechat review of -28 by Rich Salz (diff) Genart Telechat review of -28 by Paul Kyzivat (diff) |
|
| Assignment | Reviewer | Rich Salz |
| State | Completed | |
| Request | Last Call review on draft-ietf-mmusic-dtls-sdp by Security Area Directorate Assigned | |
| Reviewed revision | 22 (document currently at 32) | |
| Result | Has nits | |
| Completed | 2017-04-06 |
review-ietf-mmusic-dtls-sdp-22-secdir-lc-salz-2017-04-06-00
The term "ufrag" should be explained, or at least have a reference on its first use. It seems important :) I think the "fingerprint" reference should be moved up to the bullet list in section 4, from the bullet list in 5.1 Sec 4 uses the term "cryptographic random function" which is not a common security term. (See https://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator) I would just say "strong random function"; it's the number of random bits that counts. Or use CSPRNG as the term. In Sec 9, it seems like quoting all the old text is way too verbose. I would just say "replace with the following NEW TEXT" If it's not replacing an entire section, then say "the nnn paragraphs starting with xxxxx" or similar construct.